1 / 28

Overview about other gLite services

Overview about other gLite services. Giuseppe LA ROCCA INFN Catania giuseppe.larocca@ct.infn.it ACGRID-II School 2-14 November 2009 Kuala Lumpur - Malaysia. gLite Top BDII LFC File Catalog WMS+LB AMGA MON. Outline. 2. Pre-requisites.

yorkm
Télécharger la présentation

Overview about other gLite services

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. Overview about other gLite services Giuseppe LA ROCCA INFN Catania giuseppe.larocca@ct.infn.it ACGRID-II School 2-14 November 2009 Kuala Lumpur - Malaysia

  2. gLite Top BDII LFC File Catalog WMS+LB AMGA MON Outline 2

  3. Pre-requisites Start from a base SL4.7 machine with the following rpm groups : X Window System Editors X Software Development Text-based Internet Server Configuration Tools Development Tools Administration Tools System Tools Legacy Software Development

  4. Syncronizing… • A general requirement for the gLite nodes is that they are synchronized. • Configure the file /etc/ntp.conf by adding the lines dealing with your time server configuration such as, for instance: # Prohibit general access to this service. restrict default ignore restrict 193.206.144.10 mask 255.255.255.255 nomodify notrap noquery server 127.127.1.0 # local clock fudge 127.127.1.0 stratum 10 server ntp-1.infn.it

  5. Syncronizing… • Edit the file /etc/ntp/step-tickers adding a list of your time server(s) hostname(s) cat /etc/ntp/step-tickers 193.206.144.10 • If you are running a kernel firewall, you will have to allow inbound communication on the NTP port. • If you are using iptables, you can add the following to /etc/sysconfig/iptables -A INPUT -s <NTP-serverIP-1> -p udp --dport 123 -j ACCEPT • You can then reload the firewall : service iptables restart

  6. Syncronizing… • Activate the ntpd service with the following commands: # ntpdate <your ntp server name> # service ntpd start # chkconfig ntpd on • You can check ntpd's status by running the following command : # ntpq -p

  7. Repository settings Configure the repositories as follow: Top BDII cd /etc/yum.repos.d/ wgetftp://mirror.biruni.upm.my/repos/3.1/glite-BDII.repo \ ftp://mirror.biruni.upm.my/repos/3.1/lcg-CA.repo \ ftp://mirror.biruni.upm.my/repos/3.1/jpackage.repo \ http://grid018.ct.infn.it/mrepo/repos/gilda.repo \ ftp://mirror.biruni.upm.my/repos/3.1/dag.repo \ LFC File Catalog cd /etc/yum.repos.d/ wgetftp://mirror.biruni.upm.my/repos/3.1/glite-LFC_mysql.repo \ ftp://mirror.biruni.upm.my/repos/3.1/lcg-CA.repo \ ftp://mirror.biruni.upm.my/repos/3.1/jpackage.repo \ http://grid018.ct.infn.it/mrepo/repos/gilda.repo \ ftp://mirror.biruni.upm.my/repos/3.1/dag.repo \

  8. Repository settings Configure the repositories as follow: WMS+LB cd /etc/yum.repos.d/ wgetftp://mirror.biruni.upm.my/repos/3.1/glite-WMS.repo \ ftp://mirror.biruni.upm.my/repos/3.1/glite-LB.repo \ ftp://mirror.biruni.upm.my/repos/3.1/lcg-CA.repo \ ftp://mirror.biruni.upm.my/repos/3.1/jpackage.repo \ http://grid018.ct.infn.it/mrepo/repos/gilda.repo \ ftp://mirror.biruni.upm.my/repos/3.1/dag.repo \ AMGA cd /etc/yum.repos.d/ wget ftp://mirror.biruni.upm.my/repos/3.1/glite-AMGA_postgress.repo \ ftp://mirror.biruni.upm.my/repos/3.1/lcg-CA.repo \ ftp://mirror.biruni.upm.my/repos/3.1/jpackage.repo \ ftp://mirror.biruni.upm.my/repos/3.1/dag.repo \ http://grid018.ct.infn.it/mrepo/repos/gilda.repo

  9. Repository settings Configure the repositories as follow: MONcd /etc/yum.repos.d/ wgetftp://mirror.biruni.upm.my/repos/3.1/glite-MON.repo \ ftp://mirror.biruni.upm.my/repos/3.1/lcg-CA.repo \ ftp://mirror.biruni.upm.my/repos/3.1/jpackage.repo \ http://grid018.ct.infn.it/mrepo/repos/gilda.repo \ ftp://mirror.biruni.upm.my/repos/3.1/dag.repo yum clean all Loading "kernel-module" plugin Cleaning up Everything 72 headers removed 0 packages removed 12 metadata files removed 0 cache files removed 6 cache files removed

  10. Install meta-packages Top BDII: Install Java and the meta-package for the UI yum install glite-BDII java-1.6.0-sun-compat LFC: Install Java and the meta-package for the LFC yum install glite-LFC_mysql java-1.6.0-sun-compat WMS+LB: Install Java and the meta-package for the WMS+LB yum install glite-WMS glite-LB java-1.6.0-sun-compat AMGA: Install Java and the meta-package for the AMGA yum install glite-AMGA_postgress java-1.6.0-sun-compat MON: Install Java and the meta-package for the MON yum install glite-MON java-1.6.0-sun-compat Install the CAs and the utils to support the GILDA VO: yum install lcg-CA gilda_utils

  11. Configure Download the “corrected” site-info.def for your server cd /opt/glite/yaim/examples/siteinfo/ wget ftp://mirror.biruni.upm.my/klacgrid/site-info.def Protect your configuration file chmod 600 site-info.def Verify your configuration file source site-info.def

  12. Configure Top BDII Settings for the site-info.def # Hostname of the top level BDII BDII_HOST=<Your_Top_BDII_Server> # Hostname of the DPM head node DPM_HOST=“<Your_DPM_Server>“ ???? # Human-readable name of your site SITE_NAME=<Your_Site_Name> # The contact e-mail of your site SITE_EMAIL=“”

  13. Configure Top BDII Settings for the /opt/glite/yaim/examples/siteinfo/services/glite-bdii_site SITE_DESC=“Your Site description" SITE_SUPPORT_EMAIL="" SITE_SECURITY_EMAIL="" SITE_LOC="City, Country" SITE_WEB="http://" SITE_OTHER_GRID="INFNGRID|EGEE" # List of hosts where there are services that want to publish into the BDII BDII_REGIONS="CE SE" # The following example is valid for hosts using BDII. # If your host is using MDS instead (all 3.0 nodes) # change the port to 2135 and mds-vo-name=local BDII_CE_URL="ldap://$CE_HOST:2170/mds-vo-name=resource,o=grid" BDII_SE_URL="ldap://$DPM_HOST:2170/mds-vo-name=resource,o=grid"

  14. Configure LFC Settings for the site-info.def # Human-readable name of your site SITE_NAME=<Your_Site_Name> # MySQL admin password. Choose a good password! MYSQL_PASSWORD=<Your_MySQL_Password> LFC_HOST=<Your_LFC_Server> # Standard database on the LFC host LFC_DB_HOST=$LFC_HOST LFC_DB=cns_db LFC_CENTRAL="gilda euasia“ # INFN-GRID: set this var to "yes" if your LFC server is a # replica of a "central" one, and has to be read_only for # users. Default value: no LFC_READONLY=no LFC_DB_PASSWORD=$MYSQL_PASSWORD # Space separated list of supported VOs by your site VOS="gilda euasia"

  15. Configure WMS+LB Settings for the site-info.def # Hostname of the top level BDII BDII_HOST=<Your_Top_BDII_Server> # MySQL admin password. Choose a good password! MYSQL_PASSWORD=<Your_MySQL_Password> # Human-readable name of your site SITE_NAME=<Your_Site_Name> # The contact e-mail of your site SITE_EMAIL=“” # Hostname of the WMS WMS_HOST=<Your_WMS+LB_Server> # Space separated list of supported VOs by your site VOS="gilda euasia"

  16. Configure WMS+LB Settings for the /opt/glite/yaim/examples/siteinfo/services/glite-wms # Set LB_HOST="host1:port1 host2:port2 host3:port3" # if more than one LB is installed on separate nodes LB_HOST=“<Your_LB_Server>:9000“

  17. Configure WMS+LB Settings for the /opt/glite/yaim/default/glite-wms.pre GLITE_LOCATION_VAR="/var/glite" GLITE_LOCATION_LOG="/var/log/glite" GLITE_LOCATION_TMP="/var/glite" GLITE_SD_PLUGIN="bdii" GLITE_WMS_GROUP=glite GLITE_WMS_USER=glite GLITE_WMS_QUERY_TIMEOUT=300 GLITE_PR_TIMEOUT=300 GLITE_WMS_WMPROXY_MAX_SERVED_REQUESTS=50 # Amount of time a job spend in WM queue before to be aborted. # If too short it generates trouble with job collections. WMS_EXPIRY_PERIOD=86400 # Time waited before to retry a match making after a first # failure. Good compromise 1800 WMS_MATCH_RETRY_PERIOD=21600

  18. Configure AMGA Settings for the site-info.def # Space separated list of VOs supported by your site VOS="gilda euasia" #Variable that will be used for the root user to log into the amga server-put here a valid DN AMGA_ROOT_USER_DN='C = IT, O = GILDA, OU = Personal Certificate, L = INFN Catania, CN = Giuseppe La Rocca' #Variable that will be used for the test user (SAM tests etc) to log into the amga server-put here a valid DN AMGA_TEST_USER_DN='C = IT, O = GILDA, OU = Personal Certificate, L = INFN Catania, CN = Giuseppe La Rocca' INSTALL_ROOT="/opt"

  19. Configure MON Box Settings for the site-info.def # Hostname of the RGMA server MON_HOST=<Your_MON_Server> # Uncomment this variable if you are installing a mysql server # It is the MySQL admin password. MYSQL_PASSWORD=KualaLumpur MYSQL_HOST=$MON_HOST MYSQL_REMOTE_USER=momadmin # Hostname of the CE CE_HOST=<Your_CE_Server> # Human-readable name of your site SITE_NAME=<Your_Server_Name> # Hostname of the site BDII SITE_BDII_HOST=<Your_Top_BDII>

  20. Configure MON Box Settings for the /opt/glite/yaim/defaults/glite-mon.pre # If GIN is to be configured using the site bdii set this to # "yes“. If fmon is to be used set this to no - defaults to # yes if not set GIN_BDII="yes" # If "yes" encrypt UserDNs with a 1024-bit RSA key # If "no", UserDNs are not published (default) APEL_PUBLISH_USER_DN="no" # The name of the user for access to the remote MySQL server MYSQL_REMOTE_USER="root" # The name of the host where the mysql server is located MYSQL_HOST="localhost"

  21. Configure MON Box Before to configure yum install mysql-server ============================================================================= Package Arch Version Repository Size ============================================================================= Installing: mysql-server i386 4.1.22-2.el4.sl sl-base 9.9 M Installing for dependencies: mysql i386 4.1.22-2.el4.sl sl-base 3.1 M perl-DBD-mysql i386 4.012-1.el4.rf dag 221 k perl-DBI i386 1.609-1.el4.rf dag 858 k perl-Net-Daemon noarch 0.43-1.el4.rf dag 44 k perl-PlRPC noarch 0.2020-1.el4.rf dag 33 k Transaction Summary ============================================================================= Install 6 Package(s) Update 0 Package(s) Remove 0 Package(s) Total download size: 14 M [ .. cut .. ]

  22. Configure (cont.) ########## # EUASIA # ########## VO_EUASIA_SW_DIR=$VO_SW_DIR/euag VO_EUASIA_DEFAULT_SE=$DPM_HOST VO_EUASIA_STORAGE_DIR=$CLASSIC_STORAGE_DIR/euasia VO_EUASIA_VOMS_SERVERS="vomss://voms.grid.sinica.edu.tw:8443/voms/euasia?/euasia" VO_EUASIA_VOMSES="'euasia voms.grid.sinica.edu.tw 15015 /C=TW/O=AS/OU=GRID/CN=voms.grid.sinica.edu.tw euasia'" VO_EUASIA_VOMS_CA_DN="'/C=TW/O=AS/OU=GRID/CN=voms.grid.sinica.edu.tw'" VO_EUASIA_CA_DN="'/C=TW/O=AS/CN=Academia Sinica Grid Computing Certification Authority Mercury' '/C=TW/O=AS/CN=Academia Sinica Grid Computing Certification Authority Mercury'"

  23. Configure (cont.) ######### # GILDA # ######### VO_GILDA_SW_DIR=$VO_SW_DIR/gilda VO_GILDA_DEFAULT_SE=$DPM_HOST VO_GILDA_STORAGE_DIR=$CLASSIC_STORAGE_DIR//gilda VO_GILDA_QUEUES=“gilda" VO_GILDA_VOMS_SERVERS="vomss://voms.ct.infn.it:8443/voms/gilda?/gilda" VO_GILDA_VOMSES="'gilda voms.ct.infn.it 15001 /C=IT/O=INFN/OU=Host/L=Catania/CN=voms.ct.infn.it gilda'" VO_GILDA_VOMS_CA_DN="'/C=IT/O=INFN/CN=INFN CA' '/C=IT/O=INFN/CN=INFN CA'"

  24. Host certificates All nodes except UI, WN and BDII require the host certificate/key files to be installed; Contact your national Certification Authority (CA) to obtain a host certificate if you do not have one already; Make sure to place the two files in the target node into the /etc/grid-security directory and check the access right for hostkey.pem is only readable by root and that the public key, hostcert.pem, is readable by everybody.

  25. Configure Top BDII: /opt/glite/yaim/bin/yaim –c –s site-info.def –n glite-BDII_top LFC: /opt/glite/yaim/bin/yaim –c –s site-info.def –n glite-LFC_mysql WMS+LB: /opt/glite/yaim/bin/yaim –c –s site-info.def –n glite-WMS –n glite-LB AMGA: /opt/glite/yaim/bin/yaim –c –s site-info.def –n glite-AMGA__postgres MON: /opt/glite/yaim/bin/yaim –c –s site-info.def –n glite-MON

  26. Install VOMS cert. Download under /etc/grid-security/vomsdir/ the EUASIA voms host certificate wget http://ca.grid.sinica.edu.tw/publication/newCRT/newcerts/0341.crt and rename this file to voms.grid.sinica.edu.tw.pem

  27. Firewall Settings Fro further information, see the documenthttp://glite.cvs.cern.ch/cgi-bin/glite.cgi/org.glite.site-info.ports/doc/middleware-ports.txt?revision=1.15&view=markupthe

  28. References Refer to the following references for more details about required variables of the gLite UI: https://twiki.cern.ch/twiki/bin/view/LCG/UI_configuration_variables https://twiki.cern.ch/twiki/bin/view/LCG/Site-info_configuration_variables

More Related